Does Frotel Woocommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Frotel Woocommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Frotel Woocommerce compatible with WordPress 5.6.17?

According to WordPress.org data, Frotel Woocommerce 1.4.3 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is Frotel Woocommerce compatible with PHP 5.6+?

Frotel Woocommerce requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Frotel Woocommerce updated?

Frotel Woocommerce was last updated on Dec 13, 2020. Frequent updates are generally a positive security signal.

What is Frotel Woocommerce's security score?

Frotel Woocommerce has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Frotel Woocommerce Security & Risk Analysis

wordpress.org/plugins/frotel-woocommerce

Synchronize your woocommerce orders with Frotel Panel.

10 active installs v1.4.3 PHP 5.6+ WP 3.0.1+ Updated Dec 13, 2020

cash-on-deliverycodfrotelshopwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Frotel Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Frotel Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "frotel-woocommerce" plugin v1.4.3 exhibits a concerning security posture due to a significant number of unprotected entry points. While the plugin does not appear to use dangerous functions and its SQL queries are properly prepared, the lack of authentication checks on 6 out of 7 identified entry points, specifically the AJAX handlers, represents a substantial risk. The taint analysis revealed flows with unsanitized paths, which, although not classified as critical or high severity, still indicates potential avenues for exploitation if data manipulation is possible. The absence of nonce and capability checks on these AJAX handlers further exacerbates this risk, making them prime targets for Cross-Site Request Forgery (CSRF) or other injection-based attacks. The plugin's history of zero known vulnerabilities is a positive sign, suggesting that the developers may be responsive to security issues. However, the current state of the code, with its unprotected attack surface, presents a significant weakness that could be exploited if vulnerabilities are introduced or if the unsanitized paths can be leveraged.

Key Concerns

AJAX handlers without authentication checks
Flows with unsanitized paths
Outputs not properly escaped
File operations without clear sanitization
External HTTP requests without clear sanitization
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Frotel Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Frotel Woocommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

16% escaped32 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

frotel_banks (functions.php:361)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

6 unprotected

Frotel Woocommerce Attack Surface

Entry Points7

Unprotected6

AJAX Handlers 6

authwp_ajax_chose_bankfrotel-woocommerce.php:39

noprivwp_ajax_chose_bankfrotel-woocommerce.php:40

authwp_ajax_check_couponfrotel-woocommerce.php:67

noprivwp_ajax_check_couponfrotel-woocommerce.php:68

authwp_ajax_check_couponfrotel-woocommerce.php:75

noprivwp_ajax_check_couponfrotel-woocommerce.php:76

Shortcodes 1

[frotel_banks] frotel-woocommerce.php:51

WordPress Hooks 15

filterwoocommerce_payment_gatewaysfrotel-woocommerce.php:29

filterwoocommerce_shipping_methodsfrotel-woocommerce.php:30

actionplugins_loadedfrotel-woocommerce.php:31

actionwoocommerce_shipping_initfrotel-woocommerce.php:34

filterwoocommerce_statesfrotel-woocommerce.php:44

filterwoocommerce_checkout_fieldsfrotel-woocommerce.php:45

filterwoocommerce_calculated_totalfrotel-woocommerce.php:46

filterdefault_checkout_countryfrotel-woocommerce.php:47

actionwoocommerce_after_checkout_formfrotel-woocommerce.php:53

actionwoocommerce_thankyou_frotelfrotel-woocommerce.php:54

filterwoocommerce_coupons_enabledfrotel-woocommerce.php:60

filterwoocommerce_order_formatted_billing_addressfrotel-woocommerce.php:79

filterwoocommerce_order_formatted_shipping_addressfrotel-woocommerce.php:80

actionadmin_noticesfrotel-woocommerce.php:101

actionadmin_noticesinclude\settings-frotel.php:19

Maintenance & Trust

Frotel Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedDec 13, 2020

PHP min version5.6

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Frotel Woocommerce Alternatives

Smart COD for WooCommerce

wc-smart-cod

100

All the COD restrictions and extra fees you'll ever need, in a single plugin.

30K No CVEs

PiWeb Disable payment method / Partial payment for WooCommerce

disable-payment-method-for-woocommerce

100

Disable payment method for WooCommerce, Charge WooCommerce Payment processing FEES, Take Partial payment for Order, Advance COD or Partial payment for …

4K No CVEs